Elliptic’s investigative team traced funds from the $35 million Atomic Wallet hack to Sinbad.io, a mixer used to launder over $100 million in cryptoassets stolen by North Korea’s Lazarus Group.
There are over 35 million dollars allegedly was stolen from users of Atomic Wallet, a custody-free cryptocurrency wallet service with five million users worldwide. In a June 3 tweet, the service confirmed reports of compromised wallets, before confirming that “less than 1%” of users were affected.
At Elliptic, we have identified a large number of compromised wallets, which means that stolen funds can be tracked in our software. Exchanges and other crypto companies using Elliptic tools will be alerted if they receive stolen proceeds. We continue to work with Atomic Wallet and others to identify the stolen funds.
Elliptic’s investigative team is also following the transaction trail and found that the stolen funds are being exchanged for Bitcoin, before being laundered through the sinbad.io mixer.
Previous research by Elliptic revealed that Sinbad was used extensively to launder over $100 million in hacking proceeds by North Korea’s Lazarus Group. This includes funds from the $540 million Axie Infinity hack and the $100 million Horizon Bridge attack.
Elliptic’s analysis also suggests that Sinbad.io is likely to be a rebranded version of Blender.io, another mixer widely used to launder Lazarus Group funds. Blender was the first such service to be approved by the US Treasury Department, due to its use by North Korea.
Elliptic will continue to monitor and update our system with new information about stolen funds.
Law Enforcement APAC Crypto Crime